The component itself is parser-agnostic, and can be used with any RFC 822 parser as long as it provides HTML or text output. The sanitization is done on the client-side using DOMParser with some security features targeting older browsers (although there's no guarantee of full functionality under browser versions older than 5 years).

sanitize function

react-letter also exposes a sanitize function that uses DOMParser to sanitize the HTML content of messages and returns HTML text. This allows for usage in other libraries without having to copy the code from react-letter.